Steam phishing targets video game players

Graham Cluley
Graham Cluley
@[email protected]

SteamSteam, the world’s largest online gaming platform, is increasingly being targeted by phishers trying to steal credentials from its 30 million users.

If you’re not familiar with Steam, just imagine something like iTunes – but for PC and Mac video games.

If you’re interested in digitally downloading video games for your computer, Steam is likely to be your destination.

Steam's website

Phishing attacks against Steam users are nothing new – they’ve been around for a couple of years – but as more and more users jump onto the Steam bandwagon (train?) phishers have greater chances of success.

Here’s one example of a Steam phishing email, intercepted by SophosLabs, which was sent to an email address that has never registered for a Steam account:

Steam phishing email

Subject: Warning! Your steam account will be suspended?

Although it looks like the link will take you to the real Steam website, the HTML actually directs you to a phishing site. Our spam researchers had a wry smile when they spotted that the email was sent on 15 February and yet it claims that Steam accounts will be closed if they don’t hear back from the users by 11 February.

Just as we’ve seen a black market for stolen iTunes accounts, so Steam accounts have a monetary value too.

So, don’t be too trigger-happy and always think before you click on that link. And if you use the same password on Steam as you do on other websites you could be handing cybercriminals over more than just the keys to your games cupboard.

Valve, the company behind Steam, has published advice on how to secure your Steam account which users would be wise to read.

[twitter-follow screen_name=”gcluley” show_count=”yes”]

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.